Security providers

You can configure the framework server to use either Basic security or LDAP security as Form Login in combination with SAML or IWA Single Sign-On authentication which is an optional feature.

In the case of basic security , the security schema is stored in the framework server database. In the case of LDAP security , it is stored in an external LDAP repository (not supplied).

Framework can be configured as Service Provider and authenticate against a Identifier Providers for Single Sign-On operation based on SAML 2.0.

In the case of Single Sign-On for Integrated Windows Authentication the framework can be set for SPNEGO / Kerberos protocols.

There are multiple spring security context configurations available to be set in the framework property.

Here's the default security context file in %MV_HOME%/bin/

# Spring Security Context

The default context file does not include Single Sign-On feature configuration.

# External Authentication configuration 
  •* This configuration is for enable / disable the addition feature of a new user when an external authentication method is configured like LDAP or SSO. By default the value is true.
  •* This is the regular expression value for used ID extraction from the original ID. This is useful when the user ID retrieved by a SSO service is "jdoe@server" and the real username should be "jdoe". By default the regex value is ".*" which matches and uses the entire user ID as username. For SSO authentication, example value: ^[\w._%+-]+
    # Security Defaults

    These values are used as default fields for new users and/or groups automatically created on first successfully login.

    External Links:

  • Spring Security SAML Extension
  • Spring Security Kerberos / SPNEGO Extension